The customer data protection needs to be included under the logics inspiring the principles and measures of Data Governance. In this sense, the measures to protect customers’ personal data can only be effective if they follow the same principles that drive the measures to corporate Data Governance.
A healthy setting of Data Governance rules is aimed at defining oversights and implementing controls but must also be inherent in the working methodology, in the design and implementation of solutions and in the change management.
In this sense the criteria of Privacy by design and privacy by default must be considered, especially when they intimately bind the development of application solutions and process functions with the principles underlying the design and the management of technological and organizational business models aiming to data protection.